WLAN security threat with data thief

[Algernon]

Such as D-Link knows, in particular conference rooms in office buildings, a place where sins connect to the network security light. We have already seen many installations where the conference room attached to second access point, usually unencrypted wireless network creates one, the same time as the company's internal wireless is operated. Now the problem: There is indeed supposed separation in wireless networks instead of one but not more than that in wired Ethernet. These are said by the network specialist. I am here, just to check your opinion on this topic.

[StephanieRice]

Solution of the problem are dedicated wireless controller, such as those offered by most major network vendors. The controllers separate the Wi-Fi sessions from each other by building each client a GRE (Generic Routing Encapsulation) tunnel. Time-tunnel is the only control to which the data cleanly separated from the router passes on, or vice versa, again returned to the client. A firewall separates the controller not only the individual wireless clients from each other, but also the wireless hardware from the rest of the network. This separation is useful not only slowing down to hackers. It can also be legally interesting when used, for example, representatives of different, competing companies, the same WLAN.

[VinFanatic]

In general include the training of staff to key safety factors, located almost on a par with a good encryption. Thus, it is as essential notebook reinforced, frequently traveling colleagues, the basic rules of safe wireless out of the office to explain access: Although like the great temptation to the evening in the hotel, the Wi-Fi called "Free High Speed Internet" option, rather than the overpriced wireless network to take advantage of the hotel. Employees must be clear however, that probably lies behind the free offer no altruistic neighbor, but an attacker.

[Aldous]

If the laptop via Group Policy Sun nailed it can hold only a small number of predefined SSIDs contact, staff will use the device certainly less happy than if desired titled radio networks are available. With that, the company lost a decent level of productivity. Productivity, which should actually be obtained by investing in mobile devices. Even my colleagues have to deal with encrypted access points are explained. After all, who recoils at the hurdle to enter a WPA key that is always the alternative use for anyone to eavesdrop, unencrypted wireless network. The same goes for SSL secured pages: Only those who know, for example, the registration takes place on a T-Mobile hotspot via an https connection, detects the http-setting phishing variant. Although SSL does not provide more complete security since hackers have been able to get by a trick of valid certificates virtually any site. It is currently the browser vendors, their products implant techniques to discard the generated certificates with this trick.

[Unnat]

Is not encrypted wireless wide and far to find software can as Cisco Security Agent (CSA) to help the notebook. CSA monitors including the incoming and outgoing data streams, especially, and can prevent any data transfer, such as when no VPN connection over an insecure (wireless) network is to be communicated. This CSA has already met the basic requirements for a device installed on the LCD component.